/SAMKeychain

Simple Objective-C wrapper for the keychain that works on Mac and iOS

Primary LanguageObjective-CMIT LicenseMIT

SAMKeychain

Version CocoaPods Carthage compatible

SAMKeychain is a simple wrapper for accessing accounts, getting passwords, setting passwords, and deleting passwords using the system Keychain on Mac OS X and iOS.

Adding to Your Project

Simply add the following to your Podfile if you're using CocoaPods:

pod 'SAMKeychain'

or Cartfile if you're using Carthage:

github "soffes/SAMKeychain"

To manually add to your project:

  1. Add Security.framework to your target
  2. Add SAMKeychain.h, SAMKeychain.m, SAMKeychainQuery.h, and SAMKeychainQuery.m to your project.

SAMKeychain requires ARC.

Note: Currently SAMKeychain does not support Mac OS 10.6.

Working with the Keychain

SAMKeychain has the following class methods for working with the system keychain:

+ (NSArray *)allAccounts;
+ (NSArray *)accountsForService:(NSString *)serviceName;
+ (NSString *)passwordForService:(NSString *)serviceName account:(NSString *)account;
+ (BOOL)deletePasswordForService:(NSString *)serviceName account:(NSString *)account;
+ (void)setAccessibilityType:(CFTypeRef)accessibilityType;
+ (BOOL)setPassword:(NSString *)password forService:(NSString *)serviceName account:(NSString *)account;

Easy as that. (See SAMKeychain.h and SAMKeychainQuery.h for all of the methods.)

Documentation

Use prepared documentation

Read the online documentation.

Debugging

If your saving to the keychain fails, use the NSError object to handle it. You can invoke [error code] to get the numeric error code. A few values are defined in SAMKeychain.h, and the rest in SecBase.h.

NSError *error = nil;
SAMKeychainQuery *query = [[SAMKeychainQuery alloc] init];
query.service = @"MyService";
query.account = @"soffes";
[query fetch:&error];

if ([error code] == errSecItemNotFound) {
    NSLog(@"Password not found");
} else if (error != nil) {
	NSLog(@"Some other error occurred: %@", [error localizedDescription]);
}

Obviously, you should do something more sophisticated. You can just call [error localizedDescription] if all you need is the error message.

Disclaimer

Working with the keychain is pretty sucky. You should really check for errors and failures. This library doesn't make it any more stable, it just wraps up all of the annoying C APIs.

You also really should not use the default but set the accessibilityType. kSecAttrAccessibleWhenUnlocked should work for most applications. See Apple Documentation for other options.

Thanks

This was originally inspired by EMKeychain and SDKeychain (both of which are now gone). Thanks to the authors. SAMKeychain has since switched to a simpler implementation that was abstracted from SSToolkit.

A huge thanks to Caleb Davenport for leading the way on version 1.0 of SAMKeychain.